Azure DNS: What Comes First?

Oh, it’s that age old question – what comes first? The chicken or the egg? With Windows Azure, the question often is about DNS. What comes first? The IP address of the DNS server or the machine itself?

Honestly, it depends on what you plan on doing with your virtual machines and how you utilize the virtual networks.

Option 1: Spin up a VM as a “Quick Create” When you do this, you are creating a VM without a custom virtual network that you control. The Azure fabric will assign an external IP address (VIP) and an internal IP address (DIP) isolated from all other machines. An appropriate DNS server from the fabric will be injected and your servername.cloudapp.net DNS name will be registered so your VM can be reachable from the Internet. All is done.

You could create other VMs the same way and the only way they would be reachable from one to the other is over the Internet via ports you opened. They would not share any “internal” networking.

Option 2: Create a Virtual Network and the create VMs attached to your VNET.When you do this, you are controlling the internal address assignments and purposely joining VMs to that network so they can communicate with each other. For that they need an “internal” DNS server. Because the DNS settings are injected into the VM upon boot, you must have the IP address of that DNS server in mind before you begin and assign it within your Virtual Network settings, before creating the VMs themselves.

This DNS server could be from your on-premises network (if you are creating a site-to-site VPN) or one that does not yet exist in your Azure VNET, like an server acting as an Active Directory DC, perhaps.When you create a virtual network, take note of the first IP address that would be assigned to a machine, or you can now choose to statically assign IP addresses using PowerShell. Add that address as the DNS server in your virtual network. Then when you create VMs they will know to use the internal DNS you specify as the primary DNS.

An external address (VIP) would still be automatically assigned and the name of the cloud service would be either your server name or something else that fits into the design of what you are trying to accomplish. That DNS name would still be registered with Azure DNS, but your internal IP address would be registered with the DNS server you specified.